SEC+ Study Guide A

By Ctstravis
Questions: 100

1-100


Questions and Answers
  • 1. 

    QUESTION NO: 1 All of the following provide confidentiality protection as part of the underlying protocol EXCEPT:

    • A.

      SSL.

    • B.

      SSH.

    • C.

      L2TP

    • D.

      IPsec

    Correct Answer
    C. L2TP
    Explanation
    L2TP (Layer 2 Tunneling Protocol) does not provide confidentiality protection as part of the underlying protocol. SSL (Secure Sockets Layer), SSH (Secure Shell), and IPsec (Internet Protocol Security) all have mechanisms in place to ensure confidentiality of data transmitted over the network. However, L2TP is primarily used for creating virtual private networks (VPNs) and does not include built-in encryption for data confidentiality.


  • 2. 

    QUESTION NO: 2 Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?

    • A.

      Steganography

    • B.

      Worm

    • C.

      Trojan horse

    • D.

      Virus

    Correct Answer
    A. Steganography
    Explanation
    Steganography is a technique that allows an attacker to hide data within files by using the least significant bit(s) of the file. This means that the attacker can manipulate the files in such a way that the changes are not easily detectable by the naked eye. By embedding data in this manner, the attacker can secretly transmit information without arousing suspicion. Unlike worms, Trojan horses, and viruses, which are all malicious software, steganography is a method used to hide data rather than directly causing harm to a system.


  • 3. 

    QUESTION NO: 3 Which of the following types of attacks would allow an attacker to capture HTTP requests and send back a spoofed page?

    • A.

      Teardrop

    • B.

      TCP/IP hijacking

    • C.

      Phishing

    • D.

      Replay

    Correct Answer
    B. TCP/IP hijacking
    Explanation
    TCP/IP hijacking is a type of attack where an attacker intercepts and manipulates TCP/IP packets to gain unauthorized access to a network. In this scenario, the attacker can capture HTTP requests and send back a spoofed page to the victim. This allows the attacker to deceive the victim into believing that they are interacting with a legitimate website or service, leading to potential data theft or other malicious activities.


  • 4. 

    QUESTION NO: 4 How should a company test the integrity of its backup data?

    • A.

      By conducting another backup

    • B.

      By using software to recover deleted files

    • C.

      By restoring part of the backup

    • D.

      By reviewing the written procedures

    Correct Answer
    C. By restoring part of the backup
    Explanation
    To test the integrity of its backup data, a company should restore part of the backup. This involves actually retrieving and accessing the data from the backup to ensure that it is complete and can be successfully restored. This test helps to verify that the backup system is functioning properly and that the data can be recovered in the event of a disaster or data loss. Conducting another backup, using software to recover deleted files, and reviewing written procedures are all important steps in data backup and recovery, but they do not specifically test the integrity of the backup data.


  • 5. 

    QUESTION NO: 5 Which of the following can BEST be used to determine the topology of a network and discover unknown devices?

    • A.

      Vulnerability scanner

    • B.

      NIPS

    • C.

      Protocol analyzer

    • D.

      Network mapper

    Correct Answer
    D. Network mapper
    Explanation
    A network mapper is the best tool to determine the topology of a network and discover unknown devices. A network mapper is specifically designed to scan and map a network, providing information about the devices connected to it and their relationships. It can detect devices that may not be visible through other means, such as firewalls or network monitoring tools. By analyzing the network's structure and connections, a network mapper can provide valuable insights into the network's topology and help identify any unknown or unauthorized devices.


  • 6. 

    QUESTION NO: 6 When should a technician perform penetration testing?

    • A.

      When the technician suspects that weak passwords exist on the network

    • B.

      When the technician is trying to guess passwords on a network

    • C.

      When the technician has permission from the owner of the network

    • D.

      When the technician has permission from the owner of the network

    Correct Answer
    C. When the technician has permission from the owner of the network
    Explanation
    Penetration testing should only be performed when the technician has permission from the owner of the network. This is because penetration testing involves actively attempting to exploit vulnerabilities in a network to identify potential security weaknesses. Without proper authorization, performing penetration testing can be considered illegal and unethical. Therefore, it is crucial for the technician to obtain permission from the owner of the network before conducting any penetration testing activities.


  • 7. 

    QUESTION NO: 7 An administrator has implemented a new SMTP service on a server. A public IP address translates to the internal SMTP server. The administrator notices many sessions to the server, and gets notification that the server's public IP address is now reported in a spam real-time block list. Which of the following is wrong with the server?

    • A.

      SMTP open relaying is enabled

    • B.

      It does not have a spam filter.

    • C.

      The amount of sessions needs to be limited.

    • D.

      The public IP address is incorrect

    Correct Answer
    A. SMTP open relaying is enabled
    Explanation
    The correct answer is "SMTP open relaying is enabled". This means that the server is allowing anyone to use it as a relay to send emails, which can be exploited by spammers to send spam emails. This is why the server's public IP address is reported in a spam real-time block list.


  • 8. 

    QUESTION NO: 8 Which of the following is MOST efficient for encrypting large amounts of data?

    • A.

      Hashing algorithms

    • B.

      Symmetric key algorithms

    • C.

      Asymmetric key algorithms

    • D.

      ECC algorithms

    Correct Answer
    B. Symmetric key algorithms
    Explanation
    Symmetric key algorithms are the most efficient for encrypting large amounts of data because they use the same key for both encryption and decryption. This eliminates the need for complex mathematical operations and reduces the processing time. Additionally, symmetric key algorithms are faster than asymmetric key algorithms because they do not require the use of large key sizes. Hashing algorithms are not suitable for encrypting large amounts of data as they are one-way functions used for verifying data integrity, while ECC algorithms are efficient for encryption but are not specifically designed for large amounts of data.


  • 9. 

    QUESTION NO: 9 Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?

    • A.

      Rogue access points

    • B.

      War driving

    • C.

      Weak encryption

    • D.

      Session hijacking

    Correct Answer
    B. War driving
    Explanation
    Disabling the SSID broadcast of wireless access points is a recommended security measure to prevent war driving. War driving is the act of searching for and mapping out wireless networks by driving around with a wireless device. By disabling the SSID broadcast, the company can make their wireless network less visible and harder to detect, thereby reducing the risk of unauthorized access.


  • 10. 

    QUESTION NO: 10 Which of the following BEST describes ARP?

    • A.

      Discovering the IP address of a device from the MAC address

    • B.

      Discovering the IP address of a device from the DNS name

    • C.

      Discovering the MAC address of a device from the IP address

    • D.

      Discovering the DNS name of a device from the IP address

    Correct Answer
    C. Discovering the MAC address of a device from the IP address
    Explanation
    ARP (Address Resolution Protocol) is a protocol used to discover the MAC address of a device from its IP address. It is commonly used in local area networks to map an IP address to its corresponding MAC address. This mapping is necessary for devices to communicate with each other on the network. By sending an ARP request, a device can determine the MAC address of another device on the same network, allowing for successful communication between them.


  • 11. 

    QUESTION NO: 11 Which of the following would be BEST to use to apply corporate security settings to a device?

    • A.

      A security patch

    • B.

      A security hotfix

    • C.

      An OS service pack

    • D.

      A security template

    Correct Answer
    D. A security template
    Explanation
    A security template would be the best option to apply corporate security settings to a device. A security template is a predefined configuration file that contains security settings for various aspects of the operating system and applications. It allows administrators to easily apply consistent security settings across multiple devices, ensuring compliance with corporate security policies. Security patches, security hotfixes, and OS service packs are typically used to address specific vulnerabilities or fix bugs, rather than applying comprehensive security settings.


  • 12. 

    QUESTION NO: 12 A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If the anti-malware software is purchased, which of the following is the expected net savings?

    • A.

      $900

    • B.

      $2,290

    • C.

      $2,700

    • D.

      $5,000

    Correct Answer
    B. $2,290
    Explanation
    By purchasing the anti-malware software for $5,000 per year, the call center can prevent workstations from being compromised with a 90% probability. If workstations are compromised, it will take three hours to restore services for the 30 staff, resulting in a cost of $90 per hour per staff member. Without the software, there is a 10% chance of workstations being compromised, which would result in a cost of $90 per hour per staff member for three hours. Therefore, the expected net savings from purchasing the software can be calculated as follows: (0.9 * 0) - (0.1 * 30 * 3 * 90) = $2,290.


  • 13. 

    QUESTION NO: 13 Which of the following is the main objective of steganography?

    • A.

      Message digest

    • B.

      Encrypt information

    • C.

      Hide information

    • D.

      Data integrity

    Correct Answer
    C. Hide information
    Explanation
    The main objective of steganography is to hide information. Steganography is the practice of concealing messages or information within other non-secret data in order to prevent detection. This can be done by embedding the hidden information within digital images, audio files, or other types of media. The purpose of steganography is to ensure that the hidden information remains confidential and is only accessible to the intended recipient, while appearing as innocent or unimportant to anyone else who may come across it.


  • 14. 

    QUESTION NO: 14 Which of the following would allow for secure key exchange over an unsecured network without a pre-shared key?

    • A.

      3DES

    • B.

      AES

    • C.

      DH-ECC

    • D.

      MD5

    Correct Answer
    C. DH-ECC
    Explanation
    DH-ECC (Diffie-Hellman Elliptic Curve Cryptography) would allow for secure key exchange over an unsecured network without a pre-shared key. DH-ECC is a cryptographic algorithm that allows two parties to establish a shared secret key over an insecure channel. It uses the mathematics of elliptic curves to provide a high level of security. Unlike 3DES, AES, and MD5, which are encryption algorithms, DH-ECC specifically addresses the secure exchange of keys.


  • 15. 

    QUESTION NO: 15 Which of the following improves security in a wireless system?

    • A.

      IP spoofing

    • B.

      MAC filtering

    • C.

      SSID spoofing

    • D.

      Closed network

    Correct Answer
    B. MAC filtering
    Explanation
    MAC filtering improves security in a wireless system by allowing or denying access to the network based on the MAC address of the device. This prevents unauthorized devices from connecting to the network, as only devices with approved MAC addresses are allowed access.


  • 16. 

    QUESTION NO: 16 A user wants to implement secure LDAP on the network. Which of the following port numbers does secure LDAP use by default?

    • A.

      53

    • B.

      389

    • C.

      443

    • D.

      636

    Correct Answer
    D. 636
    Explanation
    Secure LDAP (LDAPS) uses port number 636 by default. LDAPS is a protocol that provides secure communication between clients and directory servers. It uses SSL/TLS encryption to protect the data transmitted over the network. By default, LDAPS uses port 636 instead of the standard LDAP port (389) to ensure that the communication is encrypted. This helps to prevent unauthorized access and protect sensitive information, such as user credentials, from being intercepted or tampered with during transmission.


  • 17. 

    QUESTION NO: 17 On which of the following is a security technician MOST likely to find usernames?

    • A.

      DNS logs

    • B.

      Application logs

    • C.

      Firewall logs

    • D.

      DHCP logs

    Correct Answer
    B. Application logs
    Explanation
    A security technician is most likely to find usernames on application logs. Application logs record information about the activities and events that occur within an application, including user interactions. Usernames are often logged as part of the authentication process when users log in or access certain features within an application. By reviewing the application logs, a security technician can track and monitor user activities, identify any suspicious or unauthorized access, and investigate any security incidents or breaches.


  • 18. 

    QUESTION NO: 18 How many keys are utilized with asymmetric cryptography?

    • A.

      One

    • B.

      Two

    • C.

      Five

    • D.

      Seven

    Correct Answer
    B. Two
    Explanation
    Asymmetric cryptography, also known as public-key cryptography, uses two different keys: a public key and a private key. The public key is used to encrypt data and can be shared with others, while the private key is kept secret and used to decrypt the encrypted data. This two-key system ensures secure communication and authentication between parties. Therefore, the correct answer is "Two".


  • 19. 

    QUESTION NO: 19 During a risk assessment it is discovered that only one system administrator is assigned several tasks critical to continuity of operations. It is recommended to cross train other system administrators to perform these tasks and mitigate which of the following risks?

    • A.

      DDoS

    • B.

      Privilege escalation

    • C.

      Disclosure of PII

    • D.

      Single point of failure

    Correct Answer
    D. Single point of failure
    Explanation
    The risk being mitigated by cross training other system administrators is the risk of a single point of failure. By having only one system administrator responsible for critical tasks, if that person is unavailable or leaves the organization, there would be no one else capable of performing those tasks. Cross training other system administrators ensures that there are multiple individuals who can step in and maintain continuity of operations, reducing the risk of a single point of failure.


  • 20. 

    QUESTION NO: 20 Which of the following network filtering devices will rely on signature updates to be effective?

    • A.

      Proxy server

    • B.

      Firewall

    • C.

      NIDS

    • D.

      Honeynet

    Correct Answer
    C. NIDS
    Explanation
    A Network Intrusion Detection System (NIDS) relies on signature updates to be effective. NIDS monitors network traffic for suspicious activity and compares it against a database of known attack signatures. By regularly updating the signature database, the NIDS can detect and alert on new or emerging threats. This ensures that the NIDS can keep up with the latest attack techniques and provide effective protection for the network.


  • 21. 

    QUESTION NO: 21 Which of the following is a single server that is set up in the DMZ or outer perimeter in order to distract attackers?

    • A.

      Honeynet

    • B.

      DMZ

    • C.

      Honeypot

    • D.

      VLAN

    Correct Answer
    C. Honeypot
    Explanation
    A honeypot is a single server that is intentionally set up in the DMZ or outer perimeter of a network to attract and distract attackers. It is designed to look like a legitimate target and contains fake or decoy data, systems, or services. The purpose of a honeypot is to gather information about the tactics, techniques, and tools used by attackers, as well as to divert their attention away from the actual valuable assets of the network.


  • 22. 

    QUESTION NO: 22 Which of the following encryption algorithms is decrypted in the LEAST amount of time?

    • A.

      RSA

    • B.

      AES

    • C.

      3DES

    • D.

      L2TP

    Correct Answer
    B. AES
    Explanation
    AES (Advanced Encryption Standard) is decrypted in the least amount of time compared to the other encryption algorithms listed. AES is a symmetric encryption algorithm that uses a fixed key length of 128, 192, or 256 bits. It is widely used and considered to be highly secure and efficient. RSA (Rivest-Shamir-Adleman) is an asymmetric encryption algorithm that involves complex mathematical calculations, making it slower to decrypt. 3DES (Triple Data Encryption Standard) is a symmetric encryption algorithm that applies the DES algorithm three times, making it slower than AES. L2TP (Layer 2 Tunneling Protocol) is a network protocol, not an encryption algorithm, so it is not applicable to this question.


  • 23. 

    QUESTION NO: 23 An administrator is trying to secure a network from threats originating outside the network. Which of the following devices provides protection for the DMZ from attacks launched from the Internet?

    • A.

      Antivirus

    • B.

      Content filter

    • C.

      Firewall

    • D.

      Proxy server

    Correct Answer
    C. Firewall
    Explanation
    A firewall is a device that acts as a barrier between a private internal network and the public Internet. It monitors incoming and outgoing network traffic and allows or blocks specific traffic based on predetermined security rules. In the context of securing a network from threats originating outside the network, a firewall is the most appropriate device. It can prevent unauthorized access to the DMZ (Demilitarized Zone), which is a network segment that separates the internal network from the Internet. By filtering and controlling the traffic, a firewall helps protect the DMZ from attacks launched from the Internet.


  • 24. 

    QUESTION NO: 24 Which of the following is a way to manage operating system updates?

    • A.

      Service pack management

    • B.

      Patch application

    • C.

      Hotfix management

    • D.

      Change management

    Correct Answer
    D. Change management
    Explanation
    Change management is a way to manage operating system updates. It involves a systematic approach to implementing changes in an organization's IT infrastructure, including updates to the operating system. Change management ensures that updates are planned, tested, and implemented in a controlled manner to minimize disruption and ensure the stability and security of the system. It includes processes for assessing the impact of changes, obtaining approvals, and communicating and coordinating with stakeholders.


  • 25. 

    QUESTION NO: 25 Which of the following is a list of discrete entries that are known to be benign?

    • A.

      Whitelist

    • B.

      Signature

    • C.

      Blacklist

    • D.

      ACL

    Correct Answer
    A. Whitelist
    Explanation
    A whitelist is a list of discrete entries that are known to be benign. It is used to allow only specific, trusted entities or actions while blocking all others. Unlike a blacklist, which contains entries that are known to be malicious or unwanted, a whitelist only includes entries that are considered safe and authorized. By using a whitelist, organizations can enhance security by restricting access to only known and trusted sources, reducing the risk of unauthorized access or malicious activities.


  • 26. 

    QUESTION NO: 26 Which of the following increases the collision resistance of a hash?

    • A.

      Salt

    • B.

      Increase the input length

    • C.

      Rainbow Table

    • D.

      Larger key space

    Correct Answer
    A. Salt
    Explanation
    Salt increases the collision resistance of a hash by adding a random value to the input before hashing. This ensures that even if two inputs are identical, their hash values will be different due to the added salt. This makes it more difficult for attackers to precompute hashes or use rainbow tables to reverse engineer the original input. Increasing the input length, using a larger key space, and rainbow tables can also contribute to collision resistance, but salt specifically addresses the issue of identical inputs producing the same hash value.


  • 27. 

    QUESTION NO: 27 A programmer has decided to alter the server variable in the coding of an authentication function for a proprietary sales application. Before implementing the new routine on the production application server, which of the following processes should be followed?

    • A.

      Change management

    • B.

      Secure disposal

    • C.

      Password complexity

    • D.

      Chain of custody

    Correct Answer
    A. Change management
    Explanation
    Change management should be followed before implementing the new routine on the production application server. Change management is a process that ensures any changes made to an IT system, such as altering the server variable in this case, are properly planned, tested, approved, and documented. This process helps to minimize the risk of introducing errors or disruptions to the system and ensures that changes are implemented in a controlled and organized manner. By following change management, the programmer can ensure that the alteration to the server variable is properly reviewed, approved, and implemented in a way that aligns with the organization's policies and procedures.


  • 28. 

    QUESTION NO: 28 When deploying 50 new workstations on the network, which of the following should be completed FIRST?

    • A.

      Install a word processor.

    • B.

      Run the latest spyware.

    • C.

      Apply the baseline configuration

    • D.

      Run OS updates.

    Correct Answer
    C. Apply the baseline configuration
    Explanation
    The first step when deploying new workstations on the network should be to apply the baseline configuration. This ensures that all workstations have a consistent and standardized setup, including settings, software, and security measures. By applying the baseline configuration first, it establishes a solid foundation for the deployment of the workstations and ensures that they are ready for further tasks such as installing a word processor, running spyware, and running OS updates.


  • 29. 

    QUESTION NO: 29 Which of the following should be implemented to have all workstations and servers isolated in their own broadcast domains?

    • A.

      VLANs

    • B.

      NAT

    • C.

      Access lists

    • D.

      Intranet

    Correct Answer
    A. VLANs
    Explanation
    To have all workstations and servers isolated in their own broadcast domains, VLANs (Virtual Local Area Networks) should be implemented. VLANs allow for the creation of separate broadcast domains within a single physical network infrastructure. By dividing the network into different VLANs, each with its own unique broadcast domain, communication and traffic can be isolated and restricted between different VLANs, ensuring better network performance, security, and management. NAT (Network Address Translation) is used to translate private IP addresses to public IP addresses, access lists are used for filtering network traffic, and an intranet is a private network accessible only to an organization's members.


  • 30. 

    QUESTION NO: 30 End users are complaining about receiving a lot of email from online vendors and pharmacies. Which of the following is this an example of?

    • A.

      Trojan

    • B.

      Spam

    • C.

      Phishing

    • D.

      DNS poisoning

    Correct Answer
    B. Spam
    Explanation
    The given scenario describes a situation where end users are receiving a large volume of unwanted email from online vendors and pharmacies. This is a classic example of spam. Spam refers to unsolicited and often irrelevant or inappropriate messages sent in bulk to a large number of recipients. In this case, the emails are not requested by the users and are likely causing inconvenience and annoyance.


  • 31. 

    QUESTION NO: 31 Which of the following BEST describes a private key in regards to asymmetric encryption?

    • A.

      The key owner has exclusive access to the private key.

    • B.

      Everyone has access to the private key on the CA.

    • C.

      Only the CA has access to the private key.

    • D.

      The key owner and a recipient of an encrypted email have exclusive access to the private key.

    Correct Answer
    A. The key owner has exclusive access to the private key.
    Explanation
    A private key in regards to asymmetric encryption is a key that is exclusively owned and accessible by the key owner. It is not accessible to anyone else, including the certificate authority (CA) or recipients of encrypted emails. The private key is used for decrypting data that has been encrypted using the corresponding public key.


  • 32. 

    QUESTION NO: 32 Which of the following logs might reveal the IP address and MAC address of a rogue device within the local network?

    • A.

      Security logs

    • B.

      DHCP logs

    • C.

      DNS logs

    • D.

      Antivirus logs

    Correct Answer
    B. DHCP logs
    Explanation
    DHCP logs might reveal the IP address and MAC address of a rogue device within the local network. DHCP (Dynamic Host Configuration Protocol) is responsible for assigning IP addresses to devices on a network. By analyzing the DHCP logs, network administrators can identify any unauthorized devices that have obtained an IP address from the DHCP server. The logs will contain information about the IP address and MAC address of each device that has requested an IP address, allowing the identification of any rogue device present on the network.


  • 33. 

    QUESTION NO: 33 Which of the following is commonly used in a distributed denial of service (DDoS) attack?

    • A.

      Phishing

    • B.

      Adware

    • C.

      Botnet

    • D.

      Trojan

    Correct Answer
    C. Botnet
    Explanation
    A botnet is commonly used in a distributed denial of service (DDoS) attack. A botnet is a network of compromised computers or devices that are controlled by a single attacker. In a DDoS attack, the attacker uses the botnet to flood a target server or network with a massive amount of traffic, overwhelming its resources and causing it to become unavailable to legitimate users. By using a botnet, the attacker can amplify the impact of the attack and make it more difficult to mitigate.


  • 34. 

    QUESTION NO: 35 Which of the following is a best practice for coding applications in a secure manner?

    • A.

      Input validation

    • B.

      Object oriented coding

    • C.

      Rapid Application Development (RAD)

    • D.

      Cross-site scripting

    Correct Answer
    A. Input validation
    Explanation
    Input validation is a best practice for coding applications in a secure manner because it ensures that any user input is properly validated and sanitized before it is processed by the application. This helps to prevent various types of attacks, such as SQL injection and cross-site scripting, which can exploit vulnerabilities in the application and compromise its security. By validating and sanitizing input, developers can ensure that only expected and safe data is accepted by the application, reducing the risk of security breaches.


  • 35. 

    QUESTION NO: 36 Which of the following technologies can be used as a means to isolate a host OS from some types of security threats?

    • A.

      Intrusion detection

    • B.

      Virtualization

    • C.

      Kiting

    • D.

      Cloning

    Correct Answer
    D. Cloning
    Explanation
    Cloning can be used as a means to isolate a host OS from some types of security threats. Cloning involves creating an exact copy or replica of the host OS, which can be used as a backup or for testing purposes. By isolating the host OS in this way, any security threats or vulnerabilities that may exist in the original OS can be mitigated or avoided altogether. This can help to ensure the integrity and security of the host OS, protecting it from potential attacks or compromises.


  • 36. 

    QUESTION NO: 37 Which of the following network tools would provide the information on what an attacker is doing to compromise a system?

    • A.

      Proxy server

    • B.

      Honeypot

    • C.

      Internet content filters

    • D.

      Firewall

    Correct Answer
    D. Firewall
    Explanation
    A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules. It acts as a barrier between a trusted internal network and an untrusted external network, such as the Internet. By examining network packets, a firewall can detect and block suspicious or malicious activity, including attempts by attackers to compromise a system. Therefore, a firewall can provide information on what an attacker is doing to compromise a system by identifying and blocking their malicious actions.

  • 37. 

    QUESTION NO: 38 Assigning proper security permissions to files and folders is the primary method of mitigating which of the following?

    • A.

      Hijacking

    • B.

      Policy subversion

    • C.

      Trojan

    • D.

      DoS

    Correct Answer
    C. Trojan
    Explanation
    Assigning proper security permissions to files and folders is the primary method of mitigating Trojan attacks. By setting appropriate permissions, access to sensitive files and folders can be restricted, preventing unauthorized individuals or malware from tampering with or stealing important data. This helps to protect against Trojan horses, which are malicious programs that appear harmless but can exploit security vulnerabilities to gain unauthorized access and cause damage to a system.

  • 38. 

    QUESTION NO: 39 Which of the following logical access controls would be MOST appropriate to use when creating an account for a temporary worker?

    • A.

      ACL

    • B.

      Account expiration

    • C.

      Time of day restrictions

    • D.

      Logical tokens

    Correct Answer
    B. Account expiration
    Explanation
    Account expiration would be the most appropriate logical access control to use when creating an account for a temporary worker. This control allows the account to automatically expire after a set period of time, ensuring that the temporary worker's access is limited to the duration of their employment. This helps to mitigate the risk of unauthorized access or misuse of the account after the worker's assignment is completed.

  • 39. 

    QUESTION NO: 40 Which of the following may be an indication of a possible system compromise?

    • A.

      A port monitor utility shows that there are many connections to port 80 on the Internet facing web server

    • B.

      A performance monitor indicates a recent and ongoing drop in speed, disk space or memory utilization from the baseline

    • C.

      A protocol analyzer records a high number of UDP packets to a streaming media server on the Internet.

    • D.

      The certificate for one of the web servers has expired and transactions on that server begin to drop rapidly

    Correct Answer
    B. A performance monitor indicates a recent and ongoing drop in speed, disk space or memory utilization from the baseline
    Explanation
    A recent and ongoing drop in speed, disk space or memory utilization from the baseline can be an indication of a possible system compromise. This could be caused by malware or unauthorized processes running on the system, which can consume resources and slow down the system's performance. It is important to investigate and address this issue promptly to prevent further compromise and potential damage to the system.

  • 40. 

    QUESTION NO: 41 An administrator suspects that files are being copied to a remote location during off hours. The file server does not have logging enabled. Which of the following logs would be the BEST place to look for information?

    • A.

      Intrusion detection logs

    • B.

      Firewall logs

    • C.

      Antivirus logs

    • D.

      DNS logs

    Correct Answer
    B. Firewall logs
    Explanation
    Firewall logs would be the best place to look for information in this scenario because they record all incoming and outgoing network traffic. By analyzing the firewall logs, the administrator can determine if any files were transferred to a remote location during off hours. The logs will provide information about the source and destination IP addresses, as well as the protocols and ports used for the transfer. This will help the administrator identify any suspicious or unauthorized activity.

  • 41. 

    QUESTION NO: 42 Which of the following access control methods gives the owner control over providing permissions?

    • A.

      Role-Based Access Control (RBAC)

    • B.

      Rule-Based Access Control (RBAC)

    • C.

      Mandatory Access Control (MAC)

    • D.

      Discretionary Access Control (DAC)

    Correct Answer
    D. Discretionary Access Control (DAC)
    Explanation
    Discretionary Access Control (DAC) is the access control method that gives the owner control over providing permissions. In DAC, the owner of a resource has the authority to determine who can access that resource and what level of access they have. The owner can grant or revoke permissions for other users or groups, giving them the discretion to control access to their resources. This is in contrast to other access control methods like Role-Based Access Control (RBAC), where access is determined based on predefined roles, and Mandatory Access Control (MAC), where access is determined by system administrators or security policies.

  • 42. 

    QUESTION NO: 43 Which of the following access control methods grants permissions based on the user's position in the company?

    • A.

      Mandatory Access Control (MAC)

    • B.

      Rule-Based Access Control (RBAC)

    • C.

      Discretionary Access Control (DAC)

    • D.

      Role-Based Access Control (RBAC)

    Correct Answer
    D. Role-Based Access Control (RBAC)
    Explanation
    Role-Based Access Control (RBAC) is an access control method that grants permissions based on the users' position in the company. In RBAC, access rights are assigned to roles, and users are then assigned to those roles based on their position or responsibilities within the organization. This allows for a more structured and efficient way of managing access permissions, as it aligns with the organization's hierarchical structure. With RBAC, permissions can be easily managed and updated by simply modifying the roles assigned to users, rather than individually assigning permissions to each user.

  • 43. 

    QUESTION NO: 44 Which of the following access control methods includes switching work assignments at preset intervals?

    • A.

      Job rotation

    • B.

      Mandatory vacations

    • C.

      Least privilege

    • D.

      Separation of duties

    Correct Answer
    A. Job rotation
    Explanation
    Job rotation is a method of access control that involves switching work assignments at preset intervals. This approach helps to minimize the risk of fraud or unauthorized activities by ensuring that no single individual has continuous access to sensitive information or critical tasks. By periodically rotating employees to different roles or departments, organizations can reduce the likelihood of collusion, increase accountability, and detect any irregularities or misconduct. Job rotation also provides employees with opportunities for skill development, cross-training, and a broader understanding of the organization's operations.

  • 44. 

    QUESTION NO: 45 Which of the following authentication methods would MOST likely prevent an attacker from being able to successfully deploy a replay attack?

    • A.

      TACACS

    • B.

      RAS

    • C.

      RADIUS

    • D.

      Kerberos

    Correct Answer
    D. Kerberos
    Explanation
    Kerberos is a network authentication protocol that uses tickets to verify the identities of users and services. It employs a timestamp and a session key to prevent replay attacks. By using timestamps, Kerberos ensures that each ticket is only valid for a specific period of time, making it difficult for an attacker to capture and reuse the authentication data. This makes Kerberos the most likely authentication method to prevent a replay attack.

  • 45. 

    QUESTION NO: 46 Which of the following would an attacker use to footprint a system?

    • A.

      RADIUS

    • B.

      Password cracker

    • C.

      Port scanner

    • D.

      Man-in-the-middle attack

    Correct Answer
    C. Port scanner
    Explanation
    An attacker would use a port scanner to footprint a system. A port scanner is a tool that scans a target system for open ports, allowing the attacker to identify potential vulnerabilities and services running on the system. By scanning the ports, the attacker can gather information about the system's network configuration and potentially exploit any weaknesses found. This information can be used to plan further attacks or gain unauthorized access to the system.

  • 46. 

    QUESTION NO: 47 Which of the following ensures a user cannot deny having sent a message?

    • A.

      Availability

    • B.

      Integrity

    • C.

      Non-repudiation

    • D.

      Confidentiality

    Correct Answer
    C. Non-repudiation
    Explanation
    Non-repudiation ensures that a user cannot deny having sent a message. This means that the sender's identity is verified and authenticated, and there is evidence to prove that the message was indeed sent by that user. Non-repudiation is important in situations where legal or financial accountability is necessary, as it prevents users from falsely denying their actions or responsibilities.

  • 47. 

    QUESTION NO: 48 Which of the following allows an attacker to embed a rootkit into a picture?

    • A.

      Trojan horse

    • B.

      Worm

    • C.

      Steganography

    • D.

      Virus

    Correct Answer
    C. Steganography
    Explanation
    Steganography is the technique of hiding information within another file or medium, such as embedding data within a picture. In this case, an attacker can use steganography to hide a rootkit within a picture, making it difficult to detect. A rootkit is malicious software that provides unauthorized access to a computer system, allowing the attacker to control it remotely. By using steganography, the attacker can hide the rootkit within the picture file, making it appear harmless while still gaining control over the targeted system.

  • 48. 

    QUESTION NO: 49 Which of the following is a publication of inactivated user certificates?

    • A.

      Certificate revocation list

    • B.

      Certificate suspension

    • C.

      Recovery agent

    • D.

      Certificate authority

    Correct Answer
    A. Certificate revocation list
    Explanation
    A certificate revocation list is a publication of inactivated user certificates. It is a list that contains the serial numbers of certificates that have been revoked by the certificate authority. This list is used to inform users and systems that a particular certificate is no longer valid and should not be trusted. By checking the certificate revocation list, users can ensure that they are not relying on a compromised or revoked certificate for secure communication.

  • 49. 

    QUESTION NO: 50 Which of the following is a method of encrypting email?

    • A.

      S/MIME

    • B.

      SMTP

    • C.

      L2TP

    • D.

      VPN

    Correct Answer
    A. S/MIME
    Explanation
    S/MIME is a method of encrypting email. S/MIME stands for Secure/Multipurpose Internet Mail Extensions and it is a widely used protocol for securing email communications. It provides end-to-end encryption, digital signatures, and message integrity checks. S/MIME uses public key cryptography to encrypt and decrypt email messages, ensuring that only the intended recipient can read the message. It also allows for the verification of the sender's identity through the use of digital certificates. SMTP, L2TP, and VPN are not methods of encrypting email.

  • 50. 

    QUESTION NO: 34 Which of the following practices is MOST relevant to protecting against operating system security flaws?

    • A.

      Network intrusion detection

    • B.

      Patch management

    • C.

      Firewall configuration

    • D.

      Antivirus selection

    Correct Answer
    B. Patch management
    Explanation
    Patch management is the most relevant practice for protecting against operating system security flaws. Patch management involves regularly updating and applying patches and updates to the operating system. These patches often include security fixes that address known vulnerabilities and weaknesses in the system. By keeping the operating system up to date with the latest patches, organizations can mitigate the risk of exploitation by attackers and ensure that their systems are secure against known security flaws.

Quiz Review Timeline

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 19, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 17, 2010
    Quiz Created by
    Ctstravis